Security Research: Internship Opportunities

Share job

Come build community, explore your passions and do your best work at Microsoft with thousands of University interns from every corner of the world. This opportunity will allow you to bring your aspirations, talent, potential—and excitement for the journey ahead.

As a Security Research Intern, under supervision you will design and conduct security research including malware analysis, threat and vulnerability analysis, adversary tracking, threat intelligence, detection and remediation development and other technology application focuses related to the understanding of the threat landscape with intent to disrupt adversaries or provide protection via defensive products and services. You will help generate solutions including first party mitigation, and working closely with customers and partners, support operational security and security incidents as well as security reviews and reporting.

We are building a cutting-edge Cloud solution that gives customers visibility and control without impeding agility and helps them stay ahead of cyber threats as they evolve. You will join the group that is responsible for advanced threat detection capabilities, leveraging machine learning and behavioral profiling to detect emerging threats and advanced attacks by engineering a hyper-scale service to defend millions of hosts.

As an intern at Microsoft, you’re stepping into a world of real impact from day one. You’ll collaborate with global teams on meaningful projects, explore cutting-edge technologies like AI, and kick start your career while doing it. With a strong focus on learning and development, this is your opportunity to grow your skills, build community, and shape your future—all while being supported every step of the way.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Required Qualifications:

• Candidate must be enrolled in a full time bachelor's or masters program in an area relevant for the role during the academic term immediately before their internship.
• Must have at least one semester or term of school remaining following the completion of the internship

Preferred Qualifications:

• Currently pursuing a Master's Degree in Statistics, Mathematics, Computer Science or related field

The base pay range for this internship is USD $5610.00 - $11010.00 per month. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $7270.00 - $12030.00 per month.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-intern-pay

Microsoft accepts applications and processes offers for these roles on an ongoing basis throughout the academic calendar (August - April)

• Begin to analyze threat trends and anomalies to determine operational impact. Determine vectors that introduce threat and potential mitigation strategies. Learn about systemic security issues and how to address them.
• Process threat reporting from internal and external sources. Provide discrete threat data based on intelligence requirements or customer requests.
• Identify security defects or vulnerabilities and deficiencies in security guidance.
• Contribute code to technical implementation and automation of solutions to address security issues, such as signature detection, malware, threat analysis, or reverse engineering. Use results from research and experimentation to support architecture or product direction.
• Identify areas of dependency and overlap with other teams or team members. Provide constructive input so the work is integrated and timely. Communicate the status of deliverables and dependencies to meet schedule.
• Engage in measures to protect tools, techniques, information, and results of security practices. Respond to incidents for systems or products as needed. Use results of pen testing to improve products and services.